Re: mail gui

On Sat, 2004-10-30 at 21:07, Michael A. Peters wrote:
[snip]
> Even in the default case postfix is better. You can run it more
> securely in a chroot jail than you can sendmail, and it's security
> record isn't nearly as blemished as sendmail.
That blemished past is pretty far in the past. The number of security
holes per year has dramatically decreased in recent years. Note that it
used to be measured in holes/week, but take a look at www.sendmail.org
and you'll see that the last hole was over a year ago. So it's a matter
of preference, really. But I'm hoping this doesn't turn into an all-out
'my-MTA-is-better-than-yours' religious war. Please let's endeavor to
not let that happen.
But in the default case, your argument doesn't hold much water. I
don't know if it's possible to run sendmail in a chroot jail, but given
that it only listens to localhost by default, it's not that big a deal.
Those who enable it to listen on the public interface should know what
they are doing, and that goes for *any* deamon listening on a public
interface.
> And for cases where you do need to change default configuration, for
> the vast majority of them postfix is both easier to configure and more
> secure.
Easier is a relative term. Depends on what you are used to.
Certainly, its easier for the average joe, agreed.
> But Fedora won't change to postfix because of management people of the
> kind you see in Dilbert who insist upon sendmail in RHEL and if they
> aren't going to switch to postfix in RHEL then they won't switch to
> postfix in Fedora.
Man, oh, man. When we will people stop with these silly conspiracy
theories? Find me one PHB who even knows what sendmail and postfix
*are*.
> The Fedora merger I had hoped would shoot for desktop market - but
> instead it shoots for a testing platform for RHEL.
Well, you're entitled to hope, but Fedora was *never* targeted at the
desktop market. Or any *market*, so to speak:
Purpose: Server/Desktop/Workstation
User: Enterprise/Home/Hobbyist-Enthusiast-Developer
The above two classifications are orthogonal. Combine any one from the
first list with any one from the second list. Fedora is aimed at the
Hobbyist-Enthusiast-Developer. That does not preclude Server, Desktop,
or Workstation, but your mileage may vary. It's pretty much implied in
the stated goals of Fedora that it is where new things get tried out
before being included in RHEL. Red Hat tries not break things
horribly. And I've think it's done a pretty good job. Except, see
below.
> This is probably
> also why they royally screwed up the benefits of rpm by now WITHOUT
> WARNING allowing files from one rpm to replace files of another.
Though I don't think it is why it's screwed up the benefits of rpm, I
do agree that the recent fileconflicts handling (or non-handling) is a
major boo-boo, and hope that the change is backed out before release of
FC3. It's bad, real bad.
--
-Paul Iadonisi
Senior System Administrator
Red Hat Certified Engineer / Local Linux Lobbyist
Ever see a penguin fly? -- Try Linux.
GPL all the way: Sell services, don't lease secrets